Project

General

Profile

Bug #8616

When reconfiguring a captiveportal, connected users get disconnected and can't login back

Added by A FL 9 months ago. Updated 3 months ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Captive Portal
Target version:
-
Start date:
07/03/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
All
Affected Architecture:
All

Description

Hello,

I noticed a weird behaviour with captiveportal when reconfiguring a CP while active users are connected : When administrator saves settings, ipfw rules are automatically flushed.

This is a big problem when editing captive portal settings while some users are connected : user are technically disconnected and are redirected to the login page (because ipfw rules are flushed), but they are still considered as connected and are unable to log-in again (because they are still present in the sqlite database).

This happen because when settings are saved, captiveportal rules are re-appplied unconditionally to the network interface.

One easy/dirty workaround would be to flush sqlite3 database when re-applying ipfw rules (meaning users get will get disconnected, but will be able to login again).

One (maybe better) fix would be to apply ipfw rules only if necessary (eg, when changing the captive portal’s network interface or some key settings) and to connect-back users after applying rules.

History

#1 Updated by A FL 9 months ago

Issue mentionned here : https://forum.netgate.com/topic/137824/pfsense-no-internet-when-it-is-said-you-are-connected/13

This issue also happens when updating settings on the MAC page(eg, adding a MAC address as bypass...)

Also, maybe captiveportal should use make_subsystem_dirty when reloading rules ? See #1924

#2 Updated by A FL 3 months ago

Pull Request : https://github.com/pfsense/pfsense/pull/4031

Netgate choosed to fix this issue in another way. new pull request : https://github.com/pfsense/pfsense/pull/4042

Also available in: Atom PDF